Virtualization is a term that has been coined to refer to the abstraction of computer resources. This includes abstraction of both hardware and software at multiple levels, from individual servers and clients to storage to complete networks. In this latter instance, the term “virtual infrastructure” has been used to refer to abstracted resources of a computer network, inclusive of all the hardware and software. Virtualization thus transforms physical hardware and software resources into virtual machines (and other virtual objects) that are capable of running their own operating systems and applications across any of a variety of platforms. Virtualization also allows the packaging of a complete operating system and its applications as a portable virtual environment (also referred to as encapsulation), which can be moved from one virtualization platform to another (regardless of vendor).
Among the many benefits afforded by virtualization technology are increased flexibility and reduced cost of infrastructure management, largely driven by the encapsulation and portability inherent to virtual machines. With the benefits of virtualization, however, come several serious security risks. Because virtual infrastructures can now be managed remotely through software, controls that existed in the pre-virtualization world are now relaxed or bypassed altogether. Users with access to software management facilities can now create copies of the virtual machine disks with sensitive data, cause denial of service to an important application by starving it of resources, or accidentally connect a critical virtual machine to an insecure network. More malicious attacks are also possible. Indeed, the data of virtualization applications, both the run-time data and the associated data set, needs to be protected, as it represents base hardware structures in relation to the executing payload of the operating system and application. Moreover, the portability of virtual machines and the fact that the application/data reader is encapsulated together with the data invalidate data protection methodologies of separation that rely on the security of physical storage devices.
Dynamic allocation of physical and logical resources for each instantiated virtual machine requires that every resource provider be defined separately with its own access and allocation rules, creating a multi-node service provider access system, as compared to a legacy environment where a physical system with processor, memory, storage and network resources was a single bundled service provider. Moreover, the rate of change of the virtualized system makes it impractical to require human intervention when adjusting the access and allocation rules with every change. To be useful, the controls need to have a higher level of abstraction and generalization. Further, persistence, inheritance and tight coupling between the data set and the associated controls are important, as the data set routinely migrates and/or survives specific physical environments or virtualized environments.
These and other considerations demand that virtualized resources be placed under the control of stringent security facilities.